Reset Your Password in Windows 10 Bash / Ubuntu

If you forget your root password for Bash on Windows, you can do the following to reset your password:

First, run: lxrun /setdefaultuser root . This will open a new Bash window as root.

From there, run: passwd your_username and then enter your new root password

Then change the default user for Bash back to your user: lxrun /setdefaultuser your_username

 

That’s it! Enjoy Bash on Windows 10.

Rebooting Computers with Symantec PGP Encryption Installed

In the same vain as my previous post on rebooting Macs with FileVault, computers with Symantec PGP Encryption also require users to enter a password before Windows boots which can be quite annoying. However, there is a workaround!

First, via command prompt navigate to C:\Program Files\PGP Corporation\PGP Desktop OR C:\Program Files (x86)\PGP Corporation\PGP Desktop depending on if you are 64-bit or 32-bit.

For a one-time password bypass, run this:

pgpwde –add-bypass –admin-passphrase [phrase]

Or for several reboots, run this:

 pgpwde –add-bypass –disk [number] –count [number] –admin-passphrase [phrase]

Where phrase is the password / passphrase and the number is the number of reboots. Disk is for if multiple disks are encrypted. Enjoy your reboots now!

 

Securely Transmitting Passwords

I’ve been doing a lot of research recently on secure methods of password sharing. Being in IT, I have to share many passwords each day and also have passwords shared with me by clients.

My favorite so far is ZeroBin. It is no-frills, open source (so anyone can vet it), and fairly simple. It requires no database and doesn’t store any information in a database. It is as simple as downloading the components, throwing it on a web server and going to the index page. That’s it. I did it on my server here and have been using it personally with no issues.

You can set messages / data to delete after a certain amount of time, like 5 or 10 minutes, or longer… 10 – 30 days.

How is this secure?

  • The text or data is encrypted & compressed inside the browser, then sent to the server already encrypted
  • The server has the encrypted data and that is all
  • The text is encrypted inside the browser. The encrypted data is sent to the server, while the encryption key does not get sent. Therefore even if a server was compromised, nothing could be done with the data
  • The encryption key is part of the URL and that is what unlocks the data

Diagram below

zerobin